Roma “Piazza di Spagna - 29 Marzo 2012. MOTIA FINAL CONFERENCE ''Project Presentation”. “ Interdependency at the Physical and IP Levels” Wp1 and Wp2 With the support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme
Roma “Piazza di Spagna - 29 Marzo 2012 MOTIA FINAL CONFERENCE ''Project Presentation” “Interdependency at the Physical and IP Levels” Wp1 and Wp2 With the support of the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme European Commission - Directorate-General Home Affairs This publication reflects the views only of the author, and the Commission cannot be held responsible for any use which may be made of the information contained therein Enrico Gregori – IIT/CNR enrico.gregori@iit.cnr.it
IP LEVEL • IP packet travelling from source to destination
PROJECT APPROACH • Decompose a descriptor of an ICT (TCP/IP-based) infrastructure into three descriptors • Physical and Data Link (PHY&DL) • IP level • Application layer level • Rules that enable the connection of the three descriptors must be defined • The level of detail of the above descriptors has a fundamental impact on the discovery of interdependencies
PHYSICAL & DATA LINK • Each ISP has a complex infrastructure whose description requires a lot of details, e.g., • Site infrastructures • Cabling • Physical links and related protocols
PHYSICAL & DATA LINK • A wide variety of technologies and of physical infrastructures • Technologies are well known (mostly standardized), but it is very difficult to obtain descriptors of the Phy&DL infrastructure, as they are considered IMPORTANT ASSETS WHOSE DETAILS ARE NOT TO BE DISCLOSED
PHYSICAL & DATA LINK • Further complexity: THE ORGANIZATIONAL STRUCTURE • (1) Operators owning their physical infrastructure and providing services on top of it • (2) Operators buying or hiring physical infrastructures (dark fiber) from (1) and providing services on top of it • (3) Operators running services based on lower layer services provided by third parties (which can be either (1) or (2))
PHYSICAL & DATA LINK • To sum it up: • There is no automatic way to construct the Phy&DL descriptors • There is no map of the cabling infrastructures used, and cabling infrastructures are often shared by several operators • Precise descriptors of the Phy&DL can be developed only in specific contexts in which ISPs are directly interested in the project and are cooperative. A further complexity is generated by those operators buying or hiring physical infrastructures (dark fiber) or running services based on lower layer services provided by third parties • A descriptor of this level that is not detailed implies rough approximations of the interdependencies associated with Phy&DL problems.
PHYSICAL & DATA LINK • Luckily, Phy&DL technologies are often very fault tolerant, with back-up connectivity and mechanisms for fast restoration. • Access networks rarely have secondary connectivity at Phy&DL • Faults on an access network have an impact only on a limited community of users • Note that redundant connectivity at the IP level (i.e., with two or more ISPs) is effective (at the access level) only if these ISPs are not sharing the same cabling infrastructure
IP LEVEL • Network router graph
IP LEVEL: AS INFRASTRUCTURE • AS graph
IP LEVEL: AUTONOMOUS SYSTEM • AS graph
IP LEVEL: TOPOLOGY DISCOVERY • There are two tools (Traceroute-based and BGP-based) that have been widely used to automatically collect topology data • Both these tools allow automatic topology discovery, and several projects have been running for years with this target • These tools were not designed for this purpose and hence they have several limitations
IP GRAPH DESCRIPTOR • Router graph descriptor: • automatic tool: traceroute • success level: average • comment: with traceroute you don't control routing, hence for a good discovery you need many starting points! • ASGraph descriptor: • automatic tool: Yes (BGP or traceroute) • success level: high for CP links; low for public or private peering • ASGraph descriptor + Business relationship (peering, CP, Sibling): • automatic tool: Yes (BGP or Traceroute) • success level: high • ASGraph descriptor + POP localization: • automatic tool: Yes (Traceroute) • success level: low, as it is a very novel research activity
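The gap between CP (customer-provider) and peering discovery can be reproduced on a toy topology. The following is an added example, not material from the presentation: it assumes the standard valley-free export model (a route learned from a peer or provider is passed on only to customers), uses a constructed AS graph with private-use AS numbers, and computes an upper bound on what a monitor can see by ignoring best-path selection.

```python
from collections import deque

# Constructed ground truth (private-use AS numbers, not real networks).
C2P = [(64501, 64511), (64502, 64511), (64503, 64512), (64504, 64512),
       (64511, 64520), (64512, 64520)]   # (customer, provider)
P2P = [(64511, 64512), (64502, 64503)]   # peering links

def neighbours(c2p, p2p):
    """Index providers, customers and peers of every AS."""
    prov, cust, peer = {}, {}, {}
    for c, p in c2p:
        prov.setdefault(c, set()).add(p)
        cust.setdefault(p, set()).add(c)
    for a, b in p2p:
        peer.setdefault(a, set()).add(b)
        peer.setdefault(b, set()).add(a)
    return prov, cust, peer

def visible_links(monitor, c2p, p2p):
    """Links on any valley-free path that ends at the monitor AS."""
    prov, cust, peer = neighbours(c2p, p2p)
    seen, links = {(monitor, "up")}, set()
    queue = deque(seen)
    while queue:
        asn, phase = queue.popleft()
        # Going down to customers is always allowed.
        steps = [(n, "down") for n in cust.get(asn, ())]
        if phase == "up":
            # Climbing to providers, or crossing one peering link,
            # is only allowed before the path has started to descend.
            steps += [(n, "up") for n in prov.get(asn, ())]
            steps += [(n, "down") for n in peer.get(asn, ())]
        for nxt, nphase in steps:
            links.add(frozenset((asn, nxt)))
            if (nxt, nphase) not in seen:
                seen.add((nxt, nphase))
                queue.append((nxt, nphase))
    return links

def coverage(monitors, c2p=C2P, p2p=P2P):
    """(found, total) per link type for a set of monitor ASes."""
    found = set().union(*(visible_links(m, c2p, p2p) for m in monitors))
    cp = sum(frozenset(e) in found for e in c2p)
    pp = sum(frozenset(e) in found for e in p2p)
    return {"cp": (cp, len(c2p)), "peering": (pp, len(p2p))}
```

A single monitor at the top of the hierarchy (`coverage([64520])`) recovers every CP link and no peering link; adding a monitor at an edge AS that itself peers (`coverage([64520, 64502])`) recovers both peering links, which is the "many starting points" requirement in practice.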
COUPLING THE DESCRIPTORS • Phy&DL NIC • Each router interface will use a Phy&DL NIC • Geolocalization of the routers and of the POP infrastructures of the operators could also help in the coupling process • Manual coupling with info provided by the operator is always required if maximal precision in the interdependency study is the target • Application • The IP address is the most valuable info to connect an IP descriptor with an Application level descriptor
CONCLUSIONS • Very difficult to get an accurate descriptor of the ICT infrastructure • Research on measurement methodologies to monitor the ICT infrastructure is still needed • Some data (Phy&DL) will be manually collected • IP monitoring infrastructure is inadequate, but automatic data collection is a feasible target • AS-Graph descriptor + Business relationship (peering, transit) + POP localization is a good tradeoff between complexity and precision
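Coupling the three descriptors is what makes the earlier note about ISPs sharing cabling checkable. The following is an added example, not material from the presentation: the descriptor layouts, application names, duct identifiers and documentation-range IP addresses are all constructed, and the Phy&DL data is assumed to have been collected manually from the operators.

```python
# Constructed descriptors; every name and address here is hypothetical.
PHY = {  # Phy&DL link -> cabling segments (ducts) it runs through
    "linkA": ["duct-1", "duct-7"],
    "linkB": ["duct-7", "duct-9"],
    "linkC": ["duct-4"],
}
IP = {   # router interface IP -> (ISP, Phy&DL link used by that NIC)
    "192.0.2.1": ("ISP-1", "linkA"),
    "198.51.100.1": ("ISP-2", "linkB"),
    "203.0.113.1": ("ISP-3", "linkC"),
}
APP = {  # application -> upstream interface IPs it can be reached through
    "scada-portal": ["192.0.2.1", "198.51.100.1"],
    "billing": ["192.0.2.1", "203.0.113.1"],
    "mail": ["203.0.113.1"],
}

def single_points(app):
    """Cabling segments whose loss cuts every uplink of the application."""
    ducts = [set(PHY[IP[ip][1]]) for ip in APP[app]]
    return set.intersection(*ducts)

def ip_redundant(app):
    """True when the application is reachable through more than one ISP."""
    return len({IP[ip][0] for ip in APP[app]}) > 1

def hidden_dependencies():
    """Applications that look redundant at IP level but share cabling."""
    return {app: sorted(single_points(app))
            for app in APP
            if ip_redundant(app) and single_points(app)}

def impact(duct):
    """Applications that lose all connectivity if this duct is cut."""
    return sorted(app for app in APP if duct in single_points(app))

if __name__ == "__main__":
    print(hidden_dependencies())
    print(impact("duct-4"))
```

Here `scada-portal` is dual-homed to two ISPs yet both uplinks cross `duct-7`, so the IP-level descriptor alone would overstate its resilience, while `billing` has two uplinks with no common segment.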
Roma “Piazza di Spagna - 29 Marzo 2012 MOTIA FINAL CONFERENCE Thanks for Attention Enrico Gregori– IIT/CNR enrico.gregori@iit.cnr.it